A user can have multiple roles in a role-based system. What's important is that two roles don't negate each other out. Ex: deleter and non-deleter. That's why roles usually give priviliges instead of denying them.